Embodiments of the invention relate to computer data access control and privacy in general.
Many organizations maintain documents and data files that include information, such as of a medical or financial nature, that is deemed sensitive and whose exposure to individuals is restricted by company policy, or even by law. Such organizations may employ document redaction software that removes sensitive information from documents before they are shown to individuals requesting access to such documents. Document redaction software typically removes sensitive information from documents automatically according to a set of predefined rules. However, post-redaction review by a human reviewer is typically required to ensure that sensitive data is properly identified as such within a document and is redacted accordingly. This typically requires that the reviewer be given access to the pre-redacted contents of a document as well. However, where exposure to sensitive information is restricted to individuals with specific legal and/or professional qualifications, such as licensed medical professionals, it is often difficult and expensive to engage such individuals to perform post-redaction review.